
Log


Post by rino86 » 29/09/15 19:18

Sorry, I ran a scan with ComboFix; I'm attaching the log:

ComboFix 15-09-25.01 - Win 29/09/2015 20:04:50.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3801.2925 [GMT 2:00]
Eseguito da: c:\users\Win\Downloads\ComboFix_15-09-25.01.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\users\Win\AppData\Roaming\PCFix
c:\users\Win\AppData\Roaming\PCFix\log.dat
c:\users\Win\AppData\Roaming\PCFix\unresolvederrors.dat
.
.
((((((((((((((((((((((((( Files Creati Da 2015-08-28 al 2015-09-29 )))))))))))))))))))))))))))))))))))
.
.
2015-09-29 18:08 . 2015-09-29 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-29 12:43 . 2015-09-29 12:43 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41C4C64D-2B25-4D81-9368-028B399CE5C3}\offreg.960.dll
2015-09-29 12:26 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41C4C64D-2B25-4D81-9368-028B399CE5C3}\mpengine.dll
2015-09-27 15:44 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-09-26 08:59 . 2015-09-26 08:59 -------- d-----r- c:\users\Win\AppData\Roaming\Brother
2015-09-24 21:15 . 2015-09-24 21:15 -------- d-----w- C:\$Windows.~BT
2015-09-24 08:37 . 2015-07-23 16:47 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6E56C4C-83C3-417F-BBA5-2795F7F77D0E}\gapaengine.dll
2015-09-15 08:52 . 2015-09-15 08:52 113880 ----a-w- c:\windows\system32\drivers\6A786962.sys
2015-09-14 11:40 . 2015-09-14 11:40 113880 ----a-w- c:\windows\system32\drivers\17531C47.sys
2015-09-13 08:30 . 2015-09-13 08:30 113880 ----a-w- c:\windows\system32\drivers\64A53C51.sys
2015-09-11 11:19 . 2015-08-15 05:39 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-09-11 11:15 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-07 11:39 . 2015-09-07 11:39 113880 ----a-w- c:\windows\system32\drivers\42227888.sys
2015-09-06 10:13 . 2015-09-06 10:13 113880 ----a-w- c:\windows\system32\drivers\012C68CB.sys
2015-09-05 15:10 . 2015-09-05 15:10 -------- d-----w- c:\users\Win\AppData\Local\Wondershare
2015-09-05 15:10 . 2015-09-05 15:10 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2015-09-05 15:10 . 2015-09-05 15:10 -------- d-----w- c:\programdata\Wondershare
2015-09-05 15:10 . 2015-09-05 15:10 -------- d-----w- c:\program files (x86)\Wondershare
2015-09-05 12:25 . 2015-09-05 12:48 -------- d-----w- c:\program files\HitmanPro
2015-09-05 12:25 . 2015-09-05 12:43 -------- d-----w- c:\programdata\HitmanPro
2015-09-03 22:12 . 2015-09-25 08:02 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-03 22:12 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-09-03 22:12 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-09-03 22:12 . 2015-09-03 22:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-09-03 22:12 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-28 13:31 . 2015-08-28 13:31 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-26 16:37 . 2015-07-03 07:26 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-07-30 18:06 . 2015-08-12 08:36 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 08:36 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-12 08:36 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 08:36 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-12 08:36 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-12 22:39 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-12 22:39 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-28 20:09 . 2015-08-12 08:38 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 20:05 . 2015-08-12 08:38 774656 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 20:05 . 2015-08-12 08:38 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 20:05 . 2015-08-12 08:38 437760 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 20:05 . 2015-08-12 08:38 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 20:05 . 2015-08-12 08:38 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 20:05 . 2015-08-12 08:38 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-28 19:55 . 2015-08-12 08:38 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-07-23 16:47 . 2015-07-25 23:28 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-07-22 17:53 . 2015-09-11 11:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-15 18:15 . 2015-08-12 08:38 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-07-15 18:10 . 2015-08-12 08:38 1743360 ----a-w- c:\windows\system32\sysmain.dll
2015-07-15 18:10 . 2015-08-12 08:38 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-07-15 03:19 . 2015-08-12 08:38 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-07-10 17:51 . 2015-08-12 08:38 44032 ----a-w- c:\windows\system32\tsgqec.dll
2015-07-10 17:51 . 2015-08-12 08:36 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-07-10 17:51 . 2015-08-12 08:38 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-07-10 17:51 . 2015-08-12 08:38 158720 ----a-w- c:\windows\system32\aaclient.dll
2015-07-10 17:34 . 2015-08-12 08:38 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-07-10 17:34 . 2015-08-12 08:38 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-07-10 17:33 . 2015-08-12 08:38 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-07-09 17:57 . 2015-08-12 08:36 193536 ----a-w- c:\windows\system32\notepad.exe
2015-07-09 17:57 . 2015-08-12 08:36 193536 ----a-w- c:\windows\notepad.exe
2015-07-09 17:42 . 2015-08-12 08:36 179712 ----a-w- c:\windows\SysWow64\notepad.exe
2015-07-08 16:59 . 2012-07-17 12:37 23776 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-07-05 10:08 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-07-04 18:07 . 2015-07-15 08:56 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-15 08:56 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-07-03 18:05 . 2015-07-15 08:56 41984 ----a-w- c:\windows\system32\lpk(42).dll
2015-07-03 17:55 . 2015-07-15 08:56 25600 ----a-w- c:\windows\SysWow64\lpk(45).dll
2015-07-03 16:52 . 2015-07-15 08:56 372224 ----a-w- c:\windows\system32\atmfd(41).dll
2015-07-03 16:42 . 2015-07-15 08:56 299008 ----a-w- c:\windows\SysWow64\atmfd(44).dll
2015-07-03 07:55 . 2015-07-03 07:55 16896 ----a-w- c:\windows\AsTaskSched.dll
2015-07-03 07:52 . 2015-07-03 08:14 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-07-03 07:52 . 2015-07-03 08:14 677480 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-07-03 07:52 . 2015-07-03 08:14 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-07-03 07:52 . 2015-07-03 08:15 2604376 ----a-w- c:\windows\system32\WavesGUILib.dll
2015-07-03 07:52 . 2015-07-03 08:15 81248 ----a-w- c:\windows\system32\SFCOM64.dll
2015-07-03 07:52 . 2015-07-03 08:15 78688 ----a-w- c:\windows\system32\SFAPO64.dll
2015-07-03 07:52 . 2015-07-03 08:15 74064 ----a-w- c:\windows\SysWow64\SFCOM.dll
2015-07-03 07:52 . 2015-07-03 08:15 65432 ----a-w- c:\windows\system32\tepeqapo64.dll
2015-07-03 07:52 . 2015-07-03 08:15 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2015-07-03 07:52 . 2015-07-03 08:15 221024 ----a-w- c:\windows\system32\SFNHK64.dll
2015-07-03 07:52 . 2015-07-03 08:15 219752 ----a-w- c:\windows\system32\SFSS_APO.dll
2015-07-03 07:52 . 2015-07-03 08:15 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2015-07-03 07:52 . 2015-07-03 08:15 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2015-07-03 07:52 . 2015-07-03 08:15 177088 ----a-w- c:\windows\system32\tadefxapo264.dll
2015-07-03 07:52 . 2015-07-03 08:15 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2015-07-03 07:52 . 2015-07-03 08:15 148416 ----a-w- c:\windows\system32\tadefxapo.dll
2015-07-03 07:52 . 2015-07-03 08:15 1361336 ----a-w- c:\windows\system32\tosade.dll
2015-07-03 07:52 . 2015-07-03 08:15 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2015-07-03 07:52 . 2015-07-03 08:15 4718952 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-07-03 07:52 . 2015-07-03 08:15 331880 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2015-07-03 07:52 . 2015-07-03 08:15 2615400 ----a-w- c:\windows\system32\RtPgEx64.dll
2015-07-03 07:52 . 2015-07-03 08:15 149608 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-07-03 07:52 . 2015-07-03 08:15 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2015-07-03 07:52 . 2015-07-03 08:15 3744872 ----a-w- c:\windows\system32\RtkAPO64.dll
2015-07-03 07:52 . 2015-07-03 08:15 78680 ----a-w- c:\windows\system32\RTEEG64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 375128 ----a-w- c:\windows\system32\RTEEP64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2015-07-03 07:52 . 2015-07-03 08:15 310104 ----a-w- c:\windows\system32\RP3DAA64.dll
2015-07-03 07:52 . 2015-07-03 08:15 2684416 ----a-w- c:\windows\system32\RCoRes64.dat
2015-07-03 07:52 . 2015-07-03 08:15 204120 ----a-w- c:\windows\system32\RTEED64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 1969768 ----a-w- c:\windows\system32\RtkApi64.dll
2015-07-03 07:52 . 2015-07-03 08:15 1247848 ----a-w- c:\windows\system32\RTCOM64.dll
2015-07-03 07:52 . 2015-07-03 08:15 101208 ----a-w- c:\windows\system32\RTEEL64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 100456 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-07-03 07:52 . 2015-07-03 08:15 74072 ----a-w- c:\windows\system32\R4EEG64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 426328 ----a-w- c:\windows\system32\R4EED64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 3308376 ----a-w- c:\windows\system32\R4EEP64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 136024 ----a-w- c:\windows\system32\R4EEL64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 118104 ----a-w- c:\windows\system32\R4EEA64A.dll
2015-07-03 07:52 . 2015-07-03 08:15 702808 ----a-w- c:\windows\system32\MaxxAudioRealtek2.dll
2015-07-03 07:52 . 2015-07-03 08:15 334680 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2015-07-03 07:52 . 2015-07-03 08:15 3768152 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2015-07-03 07:52 . 2015-07-03 08:15 2132824 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2015-07-03 07:52 . 2015-07-03 08:15 603984 ----a-w- c:\windows\system32\KAAPORT64.dll
2015-07-03 07:52 . 2015-07-03 08:15 341336 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2015-07-03 07:52 . 2015-07-03 08:15 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2015-07-03 07:52 . 2015-07-03 08:15 693352 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 527872 ----a-w- c:\windows\system32\DTSU2PLFX64.dll
2015-07-03 07:52 . 2015-07-03 08:15 439808 ----a-w- c:\windows\system32\DTSU2PREC64.dll
2015-07-03 07:52 . 2015-07-03 08:15 2085440 ----a-w- c:\windows\system32\FMAPO64.dll
2015-07-03 07:52 . 2015-07-03 08:15 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 712296 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 515584 ----a-w- c:\windows\system32\DTSU2PGFX64.dll
2015-07-03 07:52 . 2015-07-03 08:15 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 432744 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 428648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2015-07-03 07:52 . 2015-07-03 08:15 242792 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2015-07-03 07:52 . 2015-07-03 08:15 242792 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]
"uTorrent"="c:\users\Win\AppData\Roaming\uTorrent\uTorrent.exe" [2015-09-26 1821536]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-08-19 8455960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 hitmanpro37duringboot;hitmanpro37duringboot;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz134;cpuz134;c:\users\Win\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Win\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-26 08:53 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-07-03 05:09 285368 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03 22:40]
.
2015-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03 22:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-07-03 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-07-03 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-07-03 440640]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-07-03 7560296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://it.yahoo.com/?fr=yset_ie_syc_or ... orcl_hpset
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2015-09-29 20:09:41
ComboFix-quarantined-files.txt 2015-09-29 18:09
.
Pre-Run: 443.435.163.648 byte disponibili
Post-Run: 443.266.715.648 byte disponibili
.
- - End Of File - - 0D661525C833407E5A7371769D47D4CA
A36C5E4F47E84449FF07ED3517B43A31
rino86
Junior User
Posts: 88
Joined: 21/10/14 13:28
